This is a good effort, but it's unlikely people are going to switch over to Google+, no matter how many features Google adds to maintain parity or beat Facebook. Partly because all Facebook needs to do is copy the features, and everyone simply starts using Facebook again, and partly because people don't like having to re-create their online profile twice, and then sharing that with people that probably already are on Facebook.

Nonetheless, it pushes Facebook in the right direction, hopefully they provide something similar soon with movie recommendations and whatnot.

The other issue is that Google already knows too much about me, I'd prefer they didn't know about my social life too. That's pretty much the final barrier, and a company that knows that much is too powerful.

When someone registers on a website with Google+ Sign-in, "if they have an Android phone," said Sternberg, "on the Web we say, 'hey, we notice you have an Android phone—would you like the Android app?' And if the user says yes, then the app is automatically downloaded onto their phone without them ever touching their phone.

You know the other thing I won't ever be touching? Any bloody website that harasses me to install an app.

I have absolutely no interest in crowd-sourced decision making for social things. Or in knowing about my internet friends' "collective activities".

This may be correlated to age. When you are young (high school/college/20's), most of your friends share a lot of things in common with you, and you are more likely to be interested in their interests because they a) probably match yours and b) you are still figuring out what you really, really like. As you get older, you are more likely to have acquired a set of friends that are different from you and stronger ideas about your own preferences.

Let's face it -- most companies don't care about older folks. If you are in the 18-34 demographic, you are worth more to them as a potential customer. If you aren't... well that must mean you are ripe for a Jitterbug phone, right?

When someone registers on a website with Google+ Sign-in, "if they have an Android phone," said Sternberg, "on the Web we say, 'hey, we notice you have an Android phone—would you like the Android app?' And if the user says yes, then the app is automatically downloaded onto their phone without them ever touching their phone.

You know the other thing I won't ever be touching? Any bloody website that harasses me to install an app.

This is more like you search "Fandango" and in the right hand column there will be a link to download the app right to your phone. I actually think this could ocassionally be useful.

I have absolutely no interest in crowd-sourced decision making for social things. Or in knowing about my internet friends' "collective activities".

This may be correlated to age. When you are young (high school/college/20's), most of your friends share a lot of things in common with you, and you are more likely to be interested in their interests because they a) probably match yours and b) you are still figuring out what you really, really like. As you get older, you are more likely to have acquired a set of friends that are different from you and stronger ideas about your own preferences.

Let's face it -- most companies don't care about older folks. If you are in the 18-34 demographic, you are worth more to them as a potential customer. If you aren't... well that must mean you are ripe for a Jitterbug phone, right?

Most marketing aims for that demographic because statistically people in the demographic are naive (inexperienced) and easily influenced (peer pressure, puberty, etc.).

But that doesn't mean everyone in the demographic is either. There are always those that buck the trends.

I have a feeling at least 25% of that demographic will never use a service like described because of their independent nature.

This has degraded G+ from I'm not signing up because I see no value to 'Oh hell no!'; and wondering if I should stop using my existing gmail account for OAuth now as a preemptive move against G deciding to either G+ or just this behavior to all account holders in the future.

On one hand, you are replacing many sites some of which likely have really inferior (incompetent) security practices, with a single site that (hopefully) has superior security practices. I do expect that Google is less likely to get hacked to obtain the password files than many other sites.

On the other hand, the single site becomes more of a target, and if anywhere in the security chain breaks you have effectively leaked your password for all of those sites -- exactly what you are cautioned not to do in the conventional advice to have unique passwords for every site. And one shouldn't think the only vulnerability is the one site (e.g. Google) as there are alternatives such as hacking the secondary site to present a false login prompt and capture your universal password.

Ultimately, the convenience is appealing (unique passwords everywhere is a pain), but I think you are losing security overall by participating. (And this ignores any possible privacy cost, which is its own issue.)

I have absolutely no interest in crowd-sourced decision making for social things. Or in knowing about my internet friends' "collective activities".

This may be correlated to age. When you are young (high school/college/20's), most of your friends share a lot of things in common with you, and you are more likely to be interested in their interests because they a) probably match yours and b) you are still figuring out what you really, really like. As you get older, you are more likely to have acquired a set of friends that are different from you and stronger ideas about your own preferences.

Let's face it -- most companies don't care about older folks. If you are in the 18-34 demographic, you are worth more to them as a potential customer. If you aren't... well that must mean you are ripe for a Jitterbug phone, right?

Companies market to that demographic because they are naive and don't worry about things like privacy. Companies market to older people differently because that group actually has more disposable income but aren't as foolish about how they spend it.

i think one factor missing is the need for 2 way 'trust' - always and increasingly, website owners/online publishers/service providers must try to block out 'bad traffic' (hackers, spammers, spoofers, botnets, etc).

Google will need to end up with a 2-tier membership system at least - if not some more sophisticated method of gauaging (and undoubtedly charging for) the 'trustworthiness' of connected parties. (eg: known postal address, legal trading entity, etc, rather then just plain anonymous gmail address). ebay probably comes close to best model.

On the other hand, the single site becomes more of a target, and if anywhere in the security chain breaks you have effectively leaked your password for all of those sites -- exactly what you are cautioned not to do in the conventional advice to have unique passwords for every site. And one shouldn't think the only vulnerability is the one site (e.g. Google) as there are alternatives such as hacking the secondary site to present a false login prompt and capture your universal password.

If you use their email service, most password resets will be sent to that service anyway. This just makes it more convenient.

'hey, we notice you have an Android phone—would you like the Android app?' And if the user says yes, then the app is automatically downloaded onto their phone without them ever touching their phone."

Great. Now I have to make sure I am -not- logged into some Google service when I am browsing the web. Otherwise one stray click and some overbloated app downloads automatically into my phone. And since my phone is severely memory limited, it will more than likely brick my phone. Thanks Google! One more thing to stress me out!

Yet another reason to never touch Google+. Just because people are lazy about security (and privacy!) doesn't make crap like this right... 20 years of the First Rule of Web Security ("don't use the same credentials at multiple sites") seems to be out the window these days thanks to FB & Google encouraging their users to sign in everywhere with their (*SPIT*) social networking accounts.

I have absolutely no interest in crowd-sourced decision making for social things. Or in knowing about my internet friends' "collective activities".

This may be correlated to age. When you are young (high school/college/20's), most of your friends share a lot of things in common with you, and you are more likely to be interested in their interests because they a) probably match yours and b) you are still figuring out what you really, really like. As you get older, you are more likely to have acquired a set of friends that are different from you and stronger ideas about your own preferences.

Let's face it -- most companies don't care about older folks. If you are in the 18-34 demographic, you are worth more to them as a potential customer. If you aren't... well that must mean you are ripe for a Jitterbug phone, right?

Most marketing aims for that demographic because statistically people in the demographic are naive (inexperienced) and easily influenced (peer pressure, puberty, etc.).

But that doesn't mean everyone in the demographic is either. There are always those that buck the trends.

I have a feeling at least 25% of that demographic will never use a service like described because of their independent nature.

Exactly. I'm 16, I don't connect with companies on Facebook, I don't like anything so that they don't have marketing data on me, I block tracking scripts and crap, I don't use apps that do nothing more than the website, and advertising tends to DISCOURAGE me from buying a product, if anything. I'm pretty sure I'm not the kind of person they're trying to target though.

Exactly. I'm 16, I don't connect with companies on Facebook, I don't like anything so that they don't have marketing data on me, I block tracking scripts and crap, I don't use apps that do nothing more than the website, and advertising tends to DISCOURAGE me from buying a product, if anything. I'm pretty sure I'm not the kind of person they're trying to target though.

I like the centralized online identity, but, just like android permissions, I feel like this is going to get out of hand.

If every time I want to download an app, the company is going to want all my google data, I say no thank you. If there isn't a way to opt out of every (or at least most) of the requested permissions (except possibly for my email), I would rather create a fake account for all purposes "Identity"

Funny how I was browsing FB as I was reading this article. I find the ads are just mirrors exactly what I have searched for. Problem for advertisers is I have usually bought what I need by the time the ads show up. Also 2-factor authentication helps protect this whole SSO phase we are going through right now

Just try to change your name in Gmail. I changed my real name to something not recognizable as a first, last name. The google team doesn't like it so they said my G+ account has been suspended. Oh boo-hoo. Looks like I don't get to participate.

This has degraded G+ from I'm not signing up because I see no value to 'Oh hell no!'; and wondering if I should stop using my existing gmail account for OAuth now as a preemptive move against G deciding to either G+ or just this behavior to all account holders in the future.

On the other hand, the single site becomes more of a target, and if anywhere in the security chain breaks you have effectively leaked your password for all of those sites -- exactly what you are cautioned not to do in the conventional advice to have unique passwords for every site. And one shouldn't think the only vulnerability is the one site (e.g. Google) as there are alternatives such as hacking the secondary site to present a false login prompt and capture your universal password.

If you use their email service, most password resets will be sent to that service anyway. This just makes it more convenient.

So if your email account is compromised, that potentially compromises everything else.

That's true, but the inverse situation only exists with single sign-in. For example, a site is hacked to present a false log-in screen and obtains your password. Without single sign-in, that can only happen on your email site. With single sign-in, it could happen on many sites. There are more vulnerabilities now that endanger that email address.

Ultimately you need to be most careful with security on your email account. You seem to be saying the way to deal with that is to not worry about security anywhere else, because if security elsewhere is bad enough then your email is "most secure" by default. That does not seem like a great solution.

I might sign up with this simply to bomb all of my G+ circlers with my eclectic music tastes. I know they're all going to love newretrowave and nugrass.

Facebook has basically lost my trust entirely. Got an alert on Monday that I had notifications waiting. Duly logged in for my weekly check. Go to my notifications page. No notifications. Desire to punch monitor reaches near critical level. Put "find obscure Masonic ritual to purge Facebook from my existence" back on to-do list.

Woke up yesterday to find out George Takei is in my circle. There are 7 people in that particular circle. As far as I know none of us know Mr. Takei personally (or even professionally). And yes, it is really him. I chatted with him last night to verify that.

I don't know if this was some sort of elaborate plot on the part of Google to woo me (I don't think it is, frankly, as Mr. Takei grilled me on why I rated Firefly and Star Wars above Star Trek) but whatever. This is the sort of experience a virtual social network should be providing. Low-key, most unobtrusive service that lets me chat with my friends in a variety of forums, pontificate on things (like the correlation between the location of your law school and your ability to hold your liquor, which was resolved before it even began: New England), and occasionally get introduced to people who are awesome that aren't exactly in your real world social circles.

Just try to change your name in Gmail. I changed my real name to something not recognizable as a first, last name. The google team doesn't like it so they said my G+ account has been suspended. Oh boo-hoo. Looks like I don't get to participate.

This is why I never gave Google my real name to start with. Being a paranoid recluse is an advantage when they ARE out to get you! (or at least all your personal information)

On the other hand, the single site becomes more of a target, and if anywhere in the security chain breaks you have effectively leaked your password for all of those sites -- exactly what you are cautioned not to do in the conventional advice to have unique passwords for every site. And one shouldn't think the only vulnerability is the one site (e.g. Google) as there are alternatives such as hacking the secondary site to present a false login prompt and capture your universal password.

If you use their email service, most password resets will be sent to that service anyway. This just makes it more convenient.

So if your email account is compromised, that potentially compromises everything else.

That's true, but the inverse situation only exists with single sign-in. For example, a site is hacked to present a false log-in screen and obtains your password. Without single sign-in, that can only happen on your email site. With single sign-in, it could happen on many sites. There are more vulnerabilities now that endanger that email address.

Ultimately you need to be most careful with security on your email account. You seem to be saying the way to deal with that is to not worry about security anywhere else, because if security elsewhere is bad enough then your email is "most secure" by default. That does not seem like a great solution.

I don't think you understand how this actually works... Go do some reading

Google already has all that stuff, if you use gmail and have... oh, a credit card with your name that sends you things.

They've SO abused it that I can't trust them with information they already have. Riiight. Plus then you'll miss those fun Ars Hangout against Humanity nights.

jdale wrote:

You seem to be saying the way to deal with that is to not worry about security anywhere else, because if security elsewhere is bad enough then your email is "most secure" by default. That does not seem like a great solution.

No, I'm saying that you're best off with one secure login that does strong authentication, then using a secure trust mechanism between that and third party sites. It doesn't matter if it's OnePassword (or whatever) using maximum entropy hashed passwords to those third party sites as the secure trust mechanism, or Google using oAuth (or whatever) to athenticate you as you. You're still going to need one central mechanism, either controlled by you or a third party. And there's a lot of associated headache with one controlled by you.

[quote="[url=http://arstechnica.com/civis/viewtopic.php?p=24395137#p24395137]Most marketing aims for that demographic because statistically people in the demographic are naive (inexperienced) and easily influenced (peer pressure, puberty, etc.).

I don't think it's naivety. Inexperience, sure, but there's only one way to get that. (And it doesn't always come with age.)

I think the desire is more to target people who not only spend more on entertainment and non-durable goods, but also those who you hope develop a brand loyalty and keep coming back for more.

Quote:

But that doesn't mean everyone in the demographic is either. There are always those that buck the trends.

I have a feeling at least 25% of that demographic will never use a service like described because of their independent nature.

Certainly there are always outliers in the stereotypes that marketing departments target. In both directions.... there's little sadder than a 50 year old posting all her personal and work drama on Facebook and then wondering why people judge her. But marketing departments care about bulk numbers and are going to target the largest groups first.

[ Google already has all that stuff, if you use gmail and have... oh, a credit card with your name that sends you things.

They've SO abused it that I can't trust them with information they already have. Riiight. Plus then you'll miss those fun Ars Hangout against Humanity nights.

Past behavior is not an indication of future actions, particularly involving mega-corporations. Once they have that info about you, they have it. At some point, they may transition from a company who sells ads to a company who sells your information. To a lot of people, it's not a big deal, but it is to me.

I've been dipping my toe into Google Now lately. It's pretty cool, but to get it to work as intended, you have to give your entire life to Now and to Google. Emails, calendars, search, location, purchases, etc. This is just another example of Google trying to learn everything about you, your likes, and your behaviors.

Exactly. I'm 16, I don't connect with companies on Facebook, I don't like anything so that they don't have marketing data on me, I block tracking scripts and crap, I don't use apps that do nothing more than the website, and advertising tends to DISCOURAGE me from buying a product, if anything. I'm pretty sure I'm not the kind of person they're trying to target though.

Does telling someone "You're cynical enough for someone twice your age" instead of being told the same mean I've turned into an old fart?

This is pretty slick. Companies being able to integrate personal data into Google Search is a big win for everyone. Almost starts to turn a standard Google Search into a dashboard of sorts.

I don't understand the complaints of FB vs Google+ too much. This seems more like an effort to have Google as a platform rather than a push for more visible social search. Social search is more of an effect than a cause.